Follow-up: Add config options to disable name, email, subject modification
Why:
* Comments were left on the patch merged as
6012864345
indicating issues with
the implementation of the patch.
* This follow-up change addresses these concerns, including giving
a more detailed error description for missing a confirmed email
address and disallowing invalid configuration.
What:
* Add contactpage-musthaveemail-error-title and contactpage-
musthaveemail-error which are used instead of noemail and
noemailtitle for when a confirmed email address is not attached
to an account.
* Make the following configurations disallowed and to cause the
contact page to not display:
** 'EmailReadonly' set to true, 'MustBeLoggedIn' set to false,
and 'RequireDetails' set to true
** 'MustHaveEmail' set to true and 'MustBeLoggedIn' set to false.
* Update the README for changes made, including fixing the listed
example configuration.
Bug: T324175
Change-Id: I2074c800987c91d53f589ffcc717557e46684092
这个提交包含在:
父节点
d0b2fc651b
当前提交
e0dc4dfdc5
23
README
23
README
|
@ -38,7 +38,11 @@ $wgContactConfig.
|
|||
'SenderName' => 'User Email',
|
||||
'RequireDetails' => true,
|
||||
'IncludeIP' => true,
|
||||
"MustBeLoggedIn": true,
|
||||
'MustBeLoggedIn' => true,
|
||||
'NameReadonly' => true,
|
||||
'EmailReadonly' => true,
|
||||
'SubjectReadonly' => true,
|
||||
'MustHaveEmail' => true,
|
||||
'AdditionalFields' => [],
|
||||
'RLModules' => [],
|
||||
'RLStyleModules' => [],
|
||||
|
@ -47,6 +51,12 @@ $wgContactConfig.
|
|||
All contact form keys (in this case 'formname') should be in
|
||||
lowercase.
|
||||
|
||||
The following situations will cause the contact form to be inaccessible:
|
||||
* Setting EmailReadonly to true if MustBeLoggedIn is false and RequireDetails
|
||||
is false.
|
||||
* Setting MustHaveEmail to true if MustBeLoggedIn is false.
|
||||
* RecipentUser being undefined.
|
||||
|
||||
RecipentUser must be the username of a registered wiki user, who has
|
||||
supplied an email address, has user-to-user email enabled, and has
|
||||
confirmed his/her email address if that is required on this wiki
|
||||
|
@ -66,6 +76,17 @@ offering to put the IP address of the submitter in the subject line.
|
|||
MustBeLoggedIn is whether the contact form is only accessible when
|
||||
users are logged in.
|
||||
|
||||
NameReadonly is used to make the name field readonly.
|
||||
|
||||
EmailReadonly is used to make the email field readonly.
|
||||
|
||||
SubjectReadonly is used to make the subject field readonly.
|
||||
|
||||
MustHaveEmail is used to require that the user loading the form has
|
||||
a confirmed email address attached to their account. If the user does
|
||||
not have a confirmed email address, an error will be displayed and the
|
||||
form will not be shown.
|
||||
|
||||
AdditionalFields is used to add any additional fields to the contact form.
|
||||
These are done using https://www.mediawiki.org/wiki/HTMLForm notation.
|
||||
The default message text box is not included by default, and if required,
|
||||
|
|
|
@ -21,5 +21,7 @@
|
|||
"contactpage-captcha-error": "CAPTCHA error",
|
||||
"contactpage-config-error-title": "Contact form error",
|
||||
"contactpage-config-error": "A contact form is either not configured for this page or is configured incorrectly.",
|
||||
"contactpage-mustbeloggedin": "Please log in to submit a contact form."
|
||||
"contactpage-mustbeloggedin": "Please log in to submit a contact form.",
|
||||
"contactpage-musthaveemail-error-title": "Missing confirmed email address",
|
||||
"contactpage-musthaveemail-error": "Please set a confirmed email address in your [[Special:Preferences|preferences]] to submit a contact form."
|
||||
}
|
||||
|
|
|
@ -27,5 +27,7 @@
|
|||
"contactpage-captcha-error": "Error message displayed when there was a CAPTCHA error (i.e. the user failed to enter the correct CAPTCHA, or didn't enter one at all, etc.)",
|
||||
"contactpage-config-error-title": "Page title of Special:Contact when the requested form is configured incorrectly.",
|
||||
"contactpage-config-error": "Used as the content of Special:Contact when the requested form is configured incorrectly.",
|
||||
"contactpage-mustbeloggedin": "Showed on Special:Userlogin when user tries to use a Contact Page that requires them to be logged in."
|
||||
"contactpage-mustbeloggedin": "Showed on Special:Userlogin when user tries to use a Contact Page that requires them to be logged in.",
|
||||
"contactpage-musthaveemail-error-title": "Used as the page title for Special:Contact when a user without a confirmed email address tries to load a form that requires the user have a confirmed email address.",
|
||||
"contactpage-musthaveemail-error": "Showed on Special:Contact when a user tries to use a contact form that requires the user have confirmed email address."
|
||||
}
|
||||
|
|
|
@ -121,13 +121,24 @@ class SpecialContact extends UnlistedSpecialPage {
|
|||
$user = $this->getUser();
|
||||
|
||||
// Display error if user not logged in when config requires it
|
||||
if ( isset( $config['MustBeLoggedIn'] ) && $config['MustBeLoggedIn'] ) {
|
||||
$requiresConfirmedEmail = $config['MustHaveEmail'] ?? false;
|
||||
$requiresLogin = $config['MustBeLoggedIn'] ?? false;
|
||||
if ( $requiresLogin ) {
|
||||
$this->requireNamedUser( 'contactpage-mustbeloggedin' );
|
||||
} elseif ( $requiresConfirmedEmail ) {
|
||||
// MustHaveEmail must not be set without setting MustBeLoggedIn, as
|
||||
// anon and temporary users do not have email addresses.
|
||||
$this->getOutput()->showErrorPage( 'contactpage-config-error-title',
|
||||
'contactpage-config-error' );
|
||||
return;
|
||||
}
|
||||
|
||||
// Display error if sender has no confirmed email when config requires it
|
||||
if ( isset( $config['MustHaveEmail'] ) && $config['MustHaveEmail'] && !$user->isEmailConfirmed() ) {
|
||||
$this->getOutput()->showErrorPage( 'noemailtitle', 'noemail', [ $user ] );
|
||||
if ( $requiresConfirmedEmail && !$user->isEmailConfirmed() ) {
|
||||
$this->getOutput()->showErrorPage(
|
||||
'contactpage-musthaveemail-error-title',
|
||||
'contactpage-musthaveemail-error'
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -188,6 +199,18 @@ class SpecialContact extends UnlistedSpecialPage {
|
|||
$emailReadonly = $config['EmailReadonly'] ?? false;
|
||||
}
|
||||
|
||||
// Show error if the following are true as they are in combination invalid configuration:
|
||||
// * The form doesn't require logging in
|
||||
// * The form requires details
|
||||
// * The email form is read only.
|
||||
// This is because the email field will be empty for anon and temp users and must be filled
|
||||
// for the form to be valid, but cannot be modified by the client.
|
||||
if ( !$requiresLogin && $emailReadonly && $config['RequireDetails'] ) {
|
||||
$this->getOutput()->showErrorPage( 'contactpage-config-error-title',
|
||||
'contactpage-config-error' );
|
||||
return;
|
||||
}
|
||||
|
||||
$additional = $config['AdditionalFields'] ?? [];
|
||||
|
||||
$formItems = [
|
||||
|
|
正在加载...
在新工单中引用